package com.zoweunion.mechanic.controller.base;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSONObject;
import com.zoweunion.mechanic.controller.BaseController;
import com.zoweunion.mechanic.model.ResponseBean;
import com.zoweunion.mechanic.model.User;
import com.zoweunion.mechanic.service.base.AuthService;
import com.zoweunion.mechanic.util.constants.Constants;
import com.zoweunion.mechanic.util.MD5;
import com.zoweunion.mechanic.util.MyException;


@SuppressWarnings("unchecked")
@RestController
@RequestMapping("/auth")
public class AuthController extends BaseController{
	
	@Autowired
	private AuthService authService;

	
	/**
	 * 获取授权列表(分页,type条件)
	 */
	@PostMapping("/list")
	public ResponseBean list(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_列表展示");
		Map<String, Object> reqMap = JSONObject.parseObject(str, Map.class);
		reqMap.put("s_id", getCurrentUser(request).getS_id());
		Map<String, Object> resultMap=authService.getPageQuery(reqMap);
		logAfter(logger);
		return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",resultMap);
	}
	
	/**
	 * 授权新增
	 */

	@PostMapping("/add")
	public ResponseBean add(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_新增");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		//添加之前判断是否存在授权类型相同账号
		Map<String,Object>authMap=authService.getAuthByUserAccount(reqMap);
		if(authMap!=null) {
			return new ResponseBean(Constants.CODE_HANDEL_FAILED,"该类型的账号已存在",null);
		}
		User currentUser = getCurrentUser(request);
		reqMap.put("s_id",currentUser.getS_id());
		reqMap.put("create_user",currentUser.getId());
		String result=authService.selectUserId(reqMap);
		reqMap.put("USERID", result);
		try {
			authService.insertAuth(reqMap);
			authService.updateUserRemainingSum(reqMap);
		} catch (Exception e) {
			return new ResponseBean(Constants.CODE_ACCESS_PROHIBITED,"操作失败,请填写正确的授权账号",null);
		}
			
		return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
	}
	
	
	/**
	 * 授权管理_编辑 
	 * @throws MyException 
	 */
	@PostMapping("/edit")
	public ResponseBean edit(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_编辑");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		//添加之前判断是否存在授权类型相同账号
//		Map<String,Object>authMap=authService.getAuthByUserAccount(reqMap);
//		if(authMap!=null) {
//			return new ResponseBean(Constants.CODE_HANDEL_FAILED,"该类型的账号已存在",null);
//		}
		String currentUserId = getCurrentUser(request).getId();
		reqMap.put("update_user",currentUserId);
		String user_id=authService.selectUserId(reqMap);
		reqMap.put("USERID", user_id);
		authService.update(reqMap);
		logAfter(logger);
		return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
	}
	
	
	
	/**
	 * 授权管理_禁用
	 * @throws MyException 
	 */
	@PostMapping("/ban")
	public ResponseBean ban(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_禁用");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		String currentUserId = getCurrentUser(request).getId();
		reqMap.put("update_user",currentUserId);
		reqMap.put("status", 2);
		String result=authService.selectUserId(reqMap);
		reqMap.put("USERID", result);
		authService.update(reqMap);
		logAfter(logger);
		return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
	}
	
	/**
	 * 授权管理_启用
	 * @throws MyException 
	 */
	@PostMapping("/recover")
	public ResponseBean recover(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_禁用");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		String currentUserId = getCurrentUser(request).getId();
		reqMap.put("update_user",currentUserId);
		reqMap.put("status", 1);
		String result=authService.selectUserId(reqMap);
		reqMap.put("USERID", result);
		authService.update(reqMap);
		logAfter(logger);
		return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
	}
	
	/**
	 * 授权管理_删除
	 * @throws MyException 
	 */
	@PostMapping("/delete")
	public ResponseBean delete(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_删除");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		String currentUserId = getCurrentUser(request).getId();
		reqMap.put("update_user",currentUserId);
		reqMap.put("delete_flag", 1);
		String result=authService.selectUserId(reqMap);
		reqMap.put("USERID", result);
		authService.update(reqMap);
		logAfter(logger);
		return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
	}
	
	/**
	 * 修改车主的授权额度 credit_limit
	 * @param str 车主id=user_account,车主姓名user_name,授权额度,账号,密码
	 * @param request
	 * @return
	 * @throws MyException
	 */
	@PostMapping("/editCreditLimit")
	public ResponseBean editCreditLimit(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_修改车主额度");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		String user_account = reqMap.get("u_id").toString();
		String r_id = authService.getAuthRoleByUseraccount(user_account);
		//String r_id = getCurrentUser(request).getR_id();
		Map<String,Object>authMap=new HashMap<String, Object>();
		reqMap.put("type","2");		
		authMap=authService.getAuthByUid(reqMap);
		//2是管理员不需要验证 直接修改授权额度
		if(Constants.ROLE_GLY.equals(r_id)) {
			reqMap.put("s_id",getCurrentUser(request).getS_id());
			reqMap.put("current_user_id",getCurrentUser(request).getId());
			reqMap.put("update_user",getCurrentUser(request).getId());
			reqMap.put("handler_user_name",getCurrentUser(request).getUser_name());
			authService.editCreditLimit(reqMap);
			logAfter(logger);
			return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
		}else {
			//1判断是否为管理员操作,非管理员操作要验证授权密码
			if(authMap==null) {
				return new ResponseBean(Constants.CODE_HANDEL_FAILED,"该授权账号不存在",null);
			}else if(Integer.valueOf(reqMap.get("credit_limit").toString())<Integer.valueOf(authMap.get("change_start").toString())
					||Integer.valueOf(reqMap.get("credit_limit").toString())>Integer.valueOf(authMap.get("change_end").toString())){
				return new ResponseBean(Constants.CODE_HANDEL_FAILED,"授信额度不在"+authMap.get("change_start")+"~"+authMap.get("change_end").toString()+"元授权范围内",null);
			}else if(!authMap.get("password").equals(MD5.md5(reqMap.get("password")+""))) {
				return new ResponseBean(Constants.CODE_HANDEL_FAILED,"授权账号或密码不正确",null);
			}else {
				reqMap.put("s_id",getCurrentUser(request).getS_id());
				reqMap.put("current_user_id",getCurrentUser(request).getId());
				reqMap.put("update_user",getCurrentUser(request).getId());
				reqMap.put("handler_user_name",getCurrentUser(request).getUser_name());
				authService.editCreditLimit(reqMap);
				logAfter(logger);
				return new ResponseBean(Constants.CODE_SUCCESS,"操作成功",null);
			}
		}
	}
	
	
	
	/**
	 * 修改工单的配件实际价格 
	 * @param str  u_id password  保养配件集合 维修配件集合
 	 * @param request
	 * @return
	 * @throws MyException
	 */
	@PostMapping("/editOrderPrice")
	public ResponseBean editOrderPrice(@RequestBody String str,HttpServletRequest request) throws MyException{
		logBefore(logger, "授权管理_修改工单配件价格");
		Map<String,Object> reqMap = JSONObject.parseObject(str, Map.class);
		reqMap.put("r_id", getCurrentUser(request).getR_id());
		reqMap.put("s_id", getCurrentUser(request).getS_id());
		reqMap.put("current_user_id", getCurrentUser(request).getId());
		reqMap.put("handler_user_name",getCurrentUser(request).getUser_name());
		
		return authService.editOrderPrice(reqMap);
		
	}
	
	
}
